As multiple-system operators (MSO) migrate to the use of shared frameworks for operating and servicing customer premise equipment (CPE) devices, such as the reference design kit (RDK) development model, a need develops for securing contributions made to the shared frameworks by MSOs. For example, MSOs can create their own images for use on associated CPE devices. Today's DOCSIS hardware requires images to be signed so they can be validated by hardware at runtime for a trusted boot-up process. They also need to be signed to allow for secure download in the field. Both of these processes have been put in place to reduce the possibility of a hacker being able to replace software on a device in the field. Generally, when an MSO generates an image on its own server, the image needs to be provided with a signature before it can be used or processed by a serviced device such as a CPE device or other client device. An MSO might not have access to a key or encoding algorithm that is needed to generate a signature for a specific receiving device. Therefore, a need exists for improving methods and systems for signing images remotely.
Like reference numbers and designations in the various drawings indicate like elements.